1. Make sure the systemd user instance starts properly. You can check if it is there with {{bc|systemctl --user status}} Since systemd 206 there should be a systemd user instance running by default, which is started in the {{ic|pam_systemd.so}} pam module for the first login of a user.

1. Make sure the systemd user instance starts properly. You can check if it is there with {{bc|systemctl --user status}} Since systemd 206 there should be a systemd user instance running by default, which is started in the {{ic|pam_systemd.so}} pam module for the first login of a user.

* Since version 207, systemd uses a different PAM module for user@.service, and includes an incorrect default PAM config. Fix it with: {{ic|# sed -i s/system-auth/system-login/g /etc/pam.d/systemd-user}} (or replace all occurrences of {{ic|system-auth}} in that file with {{ic|system-login}}).

Revision as of 13:55, 27 December 2013

systemd offers users the ability to run an instance of systemd to manage their session and services. This allows users to start, stop, enable, and disable units found within certain directories when systemd is run by the user. This is convenient for daemons and other services that are commonly run as a user other than root or a special user, such as mpd.

Setup since systemd 206

Note: User sessions are in development, have some missing features and are not yet supported upstream. See [1] and [2] for some details on the current state of affairs.

Since version 206, the mechanism for systemd user instances has changed. Now the pam_systemd.so module launches a user instance by default on the first login of an user, by starting user@.service. In its current state there are some differences with respect to previous systemd versions, that one must be aware of:

The systemd --user instance runs outside of any user session. This is ok for running, say mpd, but may be annoying if one tries to start a window manager from the systemd user instance. Then polkit will prevent from mounting usb's, rebooting, etc. as an unprivileged user, because the window manager is running outside of the active session.

The units in the user instance do not inherit any environment, so it must be set manually.

2. Add the environment variables you need, in a drop in config file for user@.service. For example:

/etc/systemd/system/user@.service.d/environment.conf

[Service]
Environment=DISPLAY=:0

3. Put all your user units in ~/.config/systemd/user. When the user instance starts, it launches the default target at ~/.config/systemd/user/default.target. After that, you can manage your user units with systemctl --user.

The unit user@.service which launches the user systemd instance, by default exports the following bus path

DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%I/dbus/user_bus_socket

which is propagated to services run under this instance. However, it was suggested that each user session should have its own dbus daemon instance (meaning that you should e.g. use the skeleton xinitrc, which launches dbus daemon for the Xorg session). There is an ongoing discussion about this issue on the systemd mailinglist. As the final decision has not been made yet, there is no official solution.

Automatic login into Xorg without display manager

Set up your xinitrc from the skeleton, so that it will source the files in /etc/X11/xinit/xinitrc.d/. Running your ~/.xinitrc should not return, so either have wait as the last command, or add exec to the last command that will be called and which should not return (your window manager, for instance).

The session will use its own dbus daemon, but various systemd utilities need the dbus.service instance. Possible solution to this is to create aliases for such commands:

Finally, enable (as root) the xlogin service for automatic login at boot:

# systemctl enable xlogin@username

The user session lives entirely inside a systemd scope and everything in the user session should work just fine.

Automatic start-up of systemd user instances

The systemd user instance is by default run after the first login of a user, but sometimes it may be useful to start it right after boot. Lingering is used to spawn the systemd user instance at boot and keep it running after logouts.

Warning: systemd services are not sessions, they run outside of logind. Do not use lingering to enable automatic login as it will break the session.

Setup

Using /usr/lib/systemd/systemd --user To Manage Your Session

Systemd has many amazing features, one of which is the ability to track programs using cgroups (by running systemctl status). While awesome for a pid 1 process to do, it is also extremely useful for users, and having it set up and initialize user programs, all the while tracking what is in each cgroup is even more amazing.

All of your systemd user units will go to $HOME/.config/systemd/user. These units take precedence over units in other systemd unit directories.

Note: The [Install] section includes a 'WantedBy' part. When using systemctl --user enable it will link this as $HOME/.config/systemd/user/wm.target.wants/YOUR_WM.service, allowing it to be started at login. Is recommended enabling this service, not linking it manually.

You can fill your user unit directory with a plethora of services, including ones for mpd, gpg-agent, offlineimap, parcellite, pulse, tmux, urxvtd, xbindkeys and xmodmap to name a few.

To exit your session, use systemctl --user exit.

Auto-login

If you want to have systemd automatically log you in on boot, then you can use the unit in user-session-units to do so. Enabling a screen locker for will stop someone from booting your computer into a nice, logged in session.
Add this line to /etc/pam.d/login and /etc/pam.d/system-auth:

session required pam_systemd.so

Because user-session@.service starts on tty1, you will need to add Conflicts=getty@tty1.service to the service file, if it doesn't exist already. Alternately, you can have it run on tty7 instead by modifying TTYPath accordingly as well as the ExecStart line in xorg.service (cp /usr/lib/systemd/user/xorg.service /etc/systemd/user/ and make the modifications there).

Once this is done, systemctl --user enableYOUR_WM.service

Note: One must be careful with tty's to keep the systemd session active. Systemd sets a session as inactive when the active tty is different from the one that the login took place. This means that the X server must be run in the same tty as the login in user-session@.service. If the tty in TTYPath does not match the one xorg is launched in, the systemd session will be inactive from the point of view of your X applications, and you will not be able to mount USB drives, for instance.

One of the most important things you can add to the service files you will be writing is the use of Before= and After= in the [Unit] section. These two parts will determine the order things are started. Say you have a graphical application you want to start on boot, you would put After=xorg.target into your unit. Say you start ncmpcpp, which requires mpd to start, you can put After=mpd.service into your ncmpcpp unit. You will eventually figure out exactly how this needs to go either from experience or from reading the systemd manual pages. Starting with systemd.unit(5) is a good idea.

Other use cases

Persistent terminal multiplexer

You may wish your user session to default to running a terminal multiplexer, such as GNU Screen or Tmux, in the background rather than logging you into a window manager session. Separating login from X login is most likely only useful for those who boot to a TTY instead of to a display manager (in which case you can simply bundle everything you start in with myStuff.target).

To create this type of user session, procede as above, but instead of creating wm.target, create multiplexer.target:

cruft.target, like mystuff.target above, should start anything you think should run before tmux or screen starts (or which you want started at boot regardless of timing), such as a GnuPG daemon session.

You then need to create a service for your multiplexer session. Here is a sample service, using tmux as an example and sourcing a gpg-agent session which wrote its information to /tmp/gpg-agent-info. This sample session, when you start X, will also be able to run X programs, since DISPLAY is set.

Once this is done, systemctl --user enabletmux.service, multiplexer.target and any services you created to be run by cruft.target and you should be set to go! Activated user-session@.service as described above, but be sure to remove the Conflicts=getty@tty1.service from user-session@.service, since your user session will not be taking over a TTY. Congratulations! You have a running terminal multiplexer and some other useful programs ready to start at boot!

Starting X

You have probably noticed that, since the terminal multiplexer is now default.target, X will not start automatically at boot. To start X, proceed as above, but do not activate or manually link to default.targetwm.target. Instead, assuming you are booting to a terminal, we will simply be using a hack-ish workaround and masking /usr/bin/startx with a shell alias:

alias startx='systemctl --user start wm.target'

User Services

Users may now interact with units located in the following directories just as they would with system services (ordered by ascending precedence):

/usr/lib/systemd/user/

/etc/systemd/user/

~/.config/systemd/user/

To control the systemd instance, the user must use the command systemctl --user.

Installed by packages

A unit installed by a package that is meant to be run by a systemd user instance should install the unit to /usr/lib/systemd/user/. The system adminstration can then modify the unit by copying it to /etc/systemd/user/. A user can then modify the unit by copying it to ~/.config/systemd/user/.

A simpler way, if using user-session-unitsAUR, is to define it in user-session@yourloginname.service so it's inherited. Add Environment=DISPLAY=:0 to the [Service] section. Another helpful environment variable to set here is SHELL.

A cleaner way though, is to not hard code the DISPLAY environment variable (specially if you run more than on display):